Hi Brian, I don't think the user can shoot themselves in the foot here. If they are adding a member to an image it is pretty clear it means they want to share it.
Yes I can see the case when you want to disable sharing but I don't think the 'visibility' attribute is the way to do it. What if you want to share an image with a few people and then prevent the sharing of the image to any other people. Do you then change the visibility to private? Maybe this is what the protected attribute should be for? Basically I think you're overloading the visibility attribute, in one sense it means you can see the image, but then you're also now making it determine if the image can be shared or not. Cheers, Sam On Fri, Nov 18, 2016 at 12:27 AM, Brian Rosmaita < [email protected]> wrote: > On 11/17/16, 1:39 AM, "Sam Morrison" <[email protected]> wrote: > > > On 17 Nov. 2016, at 3:49 pm, Brian Rosmaita <[email protected]> > wrote: > > Ocata workflow: (1) create an image with default visibility, (2) change > its visibility to 'shared', (3) add image members > > > Unsure why this can’t be done in 2 steps, when someone adds an image > member to a ‘private’ image the visibility changes to ‘shared’ > automatically. > Just seems an extra step for no reason? > > > Thanks for asking, Sam, I'm sure others have the same question. > > Here's what we're thinking. We want to avoid "magic" visibility > transitions as a side effect of another action, and we want all means of > changing visibility to be consistent going forward. The two-step 1-1 > sharing that automatically takes you from 'private' -> 'shared' is > dangerous, as it can expose data and doesn't give an end user a way to make > an image "really" private. It's true that all an end user has to do under > the new scheme is make one extra API call and then still shoot him/herself > in the foot, but at least the end user has to remove the safety first by > explicitly changing the visibility of the image from 'private' to 'shared' > before the member-list has any effect. > > So basically, the reasons for the extra step are consistency and clarity. > > > Sam > >
_______________________________________________ OpenStack-operators mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
